Tag Archive: exploit

Here’s how to make sure you’re patched against the exploit for your Hue Hub

A Zigbee vulnerability can let a hacker use Hue bulbs to wreck your smart home, but it was patched before it was released. Check and make sure you’re up to date!

Researchers from Check Point Software have released the details of a particularly nasty vulnerability in the Zigbee smart home protocol that has the potential to take over your Wi-Fi network and inject malware into the things connected to it. This is notable because many smart home  [Read More…]

PSA: Android users should update Twitter immediately to avoid this exploit

The company says it’s not aware of any attacks exploiting the vulnerability, but it can’t be sure.

What you need to know Twitter this week revealed a major vulnerability in its Android app. The exploit could allow an attacker to get access to sensitive information or even take control of a Twitter account. The company is communicating mitigation strategies to users it believes are at risk and is advising everyone to update the app.

Twitter’s Android app  [Read More…]

QualPwn is a new exploit for Snapdragon chips, here’s what you need to know

An exploit in Qualcomm’s chips could let an attacker compromise your phone, but it’s been fixed in the latest Android Security Patch.

Your phone is built from a myriad of assorted parts, and many of them are “smart” and have their own built-in processors and firmware. That means there are plenty of places for bugs or vulnerabilities to be found that would allow a bad actor to have access to things they shouldn’t. The companies who make  [Read More…]

Everything you need to know about the RAMpage security exploit

The RAMpage exploit has the potential to give a bad app complete control of your phone. Should you be worried?

The latest security exploit to affect millions of devices is called RAMpage. It’s a variation of previous attacks that use the Rowhammer hardware vulnerability to run malicious code by changing what’s stored into your device’s memory (RAM) and has the potential of data loss and to allow unauthorized access. In other words, someone using RAMpage could get  [Read More…]

Cloak & Dagger exploit: What you need to know

Should you be concerned about this new Android exploit called Cloak & Dagger? Here’s what you need to know!

A new Android exploit has been unveiled called Cloak & Dagger and, true to its name, it describes ways in which ill-intentioned apps can take advantage of two Android permissions to steal keystrokes and trick users into divulging personal information.

But is it dangerous? Let’s break it down quickly.

What is Cloak & Dagger?

Cloak & Dagger  [Read More…]

Nexus devices to get a mid-month security patch after critical Linux kernel exploit discovered

App used to root Nexus 5, Nexus 6 found to have exploited ‘local elevation of privilege vulnerability,’ but .

Google has issued a supplemental update to its monthly Android Security Advisory after a critical flaw in the Linux kernel was found to be exploited in a rooting app. The flaw as originally reported was scheduled to be patched in a coming monthly security update, but that changed once researchers from Zimperium were able to demonstrate an  [Read More…]

Moto X 2014 updated with fix for Stagefright exploit

If you happen to be using a Moto X 2014 Pure Edition, you may have an update waiting for you. It appears that Motorola has begun pushing out a patch for the Stagefright exploit, along with some minor bug fixes.

The ‘Stagefright’ exploit: What you need to know

In July 2015, security company Zimperium announced that it had discovered a “unicorn” of a vulnerability inside the Android operating system. More details were publicly disclosed at the BlackHat conference in early August — but not before headlines declaring that nearly a billion Android devices could potentially be taken over without their users even knowing it.

So what is “Stagefright”? And do you need to worry about it?

We’re continuously updating this post as more information is released.  [Read More…]

Motorola talks Stagefright exploit, says updates will be handed off to carriers next week

The Stagefright exploit has had quite an effect on Android, causing several device makers to commit to monthly security updates. For many phones, that took effect this week, with companies like Google and Samsung pushing out updates to patch the exploit. Now Motorola has revealed its plans for patching Stagefright.

A new Motorola support page explains that the company became aware of the Stagefright exploit in late June, and since then Moto has been working to patch and protect its  [Read More…]

Deutsche Telekom is turning off auto-retrieval of MMS until Stagefright exploit is fully patched

In Germany, carrier Deutsche Telekom has turned off auto-retrieval of MMS on its network until the Stagefright exploit has been fully patched. We have already seen a number of carriers push out updates, and Google is updating its Nexus line as well, but Deutsche Telekom is taking a different approach. Instead of attempting to update every device in an attempt to prevent attacks, the carrier has disabled the MMS from being auto-retrieved on your phone.

[Read More…]